API Signature

What is it?


The ANF AC SIGNATURE API allows a complete adaptation to the needs and scenarios proposed by our customers, allowing the installation in secure environments or customer infrastructure, without the need for output of documentation or sensitive files. It allows developers to incorporate advanced electronic signature processes and qualified electronic signature in their local applications and web services.


Learn more

Interoperability

Available for Linux, Windows and Android operating systems. Development languages: it is functional with all internationally used platforms.

Applications

Integration of electronic signature in vertical, local and remote applications (Web service).

We offer the best in the market

Signature Attributes

This cryptographic component incorporates the necessary communications protocol to establish secure transactions with ANF AC's Time Stamping Units and OCSP Responders, obtaining qualified electronic time stamp and certificate status validation response used in the signing process. These attributes are incorporated to the signature/seal according to the reference standards: TimeStampo RFC 3161 and OCSP RFC 6960.

In addition, ANF AC's Signature API has the ability to incorporate an identifier of a given Signature Policy.

The timestamp, OCSP responses and ANF AC's signature policy have been audited in compliance with eIDAS.



Available format modalities

The API of ANF AC has the ability to include attributes in signature/seal, obtaining different levels of security according to the new Baseline formats.


tabla comparativa de niveles antiguos del estándar y nuevos Baseline
Comparative table of old standard levels and new Baseline levels


Technical characteristics
  • B = Basic electronic signature. Only contains SignedInfo, SignatureValue, KeyInfo and SignedProperties. This level combines the old -BES and -EPES levels.
  • T = Signature that includes a TimeStamp.The TimeStamp is included at signature time as non-repudiation protection.
  • LT = Long-term signature. In addition to the TimeStamp the certificate status verification data and OCSP query are included, allowing future verification even if the original source is not available. This level is equivalent to the old -XL.
  • LTA = Long-term signature and its preservation. Allows the inclusion of new TimeStamp in order to guarantee the preservation of the signature, even if there are risks of validity status of cryptographic components. This level is equivalent to the former -A.
Qualified signature/e-Signature validation

Verification of all the components of an electronic signature/seal is essential to provide legal certainty as to its validity. This is an obligation that must be assumed by the recipient of the signatures before trusting them and logically, the signature service used by the issuer of the signature must ensure that it has the capacity to be verified later.

ANF AC is one of the few PCSCs that have achieved the accreditation of its qualified signature/seal service in accordance with articles 32 and 40 of the eIDAS Regulation.

ANF AC's Signature API incorporates all the necessary logic to perform validation operations and even establish real-time communication with European TSLs to perform verification according to ETSI TS 119 172-4, and according to ETSI TS 119 612 [ESI - Trusted Lists].

Documentation and engineering support

This component has detailed documentation that facilitates its use by developers. ANF Certification Authority guarantees its Partners engineering support and expert knowledge in the field, both from a technical and legal point of view.

Updates

ANF Certification Authority assumes the responsibility to carry out all necessary updates to maintain regulatory and legal compliance with any changes that may occur.


And, optionally, possibility to include ASiC signature/seal, according to ETSI EN 319 162.